Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-7200

Using QNetworkAccessManager with local certificate causes self-signed error

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: P2: Important P2: Important
    • 5.3.0
    • 4.6.0
    • Network, Network: SSL
    • None
    • Win32, MSVC2008, Qt 4.6.0, OpenSSL 1.0.0-b4
    • 5773a5cd50fac6d7348805f785df0cf29f4388b9

      I have a piece of code which goes something like this:

      	qssReg = new QSslSocket(this);
	qssReg->setLocalCertificate(qscCert);
	qssReg->setPrivateKey(qskKey);

	http = new QHttp(QLatin1String("hostname"), QHttp::ConnectionModeHttps, 443, this);
	http->setSocket(qssReg);

	connect(http, SIGNAL(done(bool)), this, SLOT(done(bool)));
	connect(http, SIGNAL(sslErrors(const QList<QSslError> &)), this, SLOT(regSslError(const QList<QSslError> &)));

      The purpose being to do a https connection with a local certificate for authentication. With OpenSSL 1.0.0-b4, this will always cause regSslError() to trigger with "The certificate is self-signed, and untrusted". Looking at qssReg->peerCertificateChain(), I see the "base" certificate for the server is listed twice, then the CA chain to the root cert. I haven't really done any more debugging than that.

      With OpenSSL 0.9.8l, everything works as expected.

        No reviews matched the request. Check your Options in the drop-down menu of this sections header.

            Unassigned Unassigned
            slicer Thorvald Natvig
            Votes:
            4 Vote for this issue
            Watchers:
            11 Start watching this issue

              Created:
              Updated:
              Resolved:

                There are no open Gerrit changes